1*3ac0a46fSAndroid Build Coastguard Workerhttps://github.com/uclouvain/openjpeg/pull/1450 2*3ac0a46fSAndroid Build Coastguard Workerhttps://patch-diff.githubusercontent.com/raw/uclouvain/openjpeg/pull/1450.patch 3*3ac0a46fSAndroid Build Coastguard Worker 4*3ac0a46fSAndroid Build Coastguard WorkerFrom 093ccb0ecdba7d5c4b5363e7dda33b1769fcc08a Mon Sep 17 00:00:00 2001 5*3ac0a46fSAndroid Build Coastguard WorkerFrom: Mark Mentovai <[email protected]> 6*3ac0a46fSAndroid Build Coastguard WorkerDate: Mon, 7 Nov 2022 09:32:02 -0500 7*3ac0a46fSAndroid Build Coastguard WorkerSubject: [PATCH] openjp2/j2k: replace sprintf calls with snprintf 8*3ac0a46fSAndroid Build Coastguard WorkerMIME-Version: 1.0 9*3ac0a46fSAndroid Build Coastguard WorkerContent-Type: text/plain; charset=UTF-8 10*3ac0a46fSAndroid Build Coastguard WorkerContent-Transfer-Encoding: 8bit 11*3ac0a46fSAndroid Build Coastguard Worker 12*3ac0a46fSAndroid Build Coastguard WorkerThis makes it possible to build j2k.c without warnings using the macOS 13*3ac0a46fSAndroid Build Coastguard Worker13 SDK. Calls to sprintf are replaced with snprintf, passing appropriate 14*3ac0a46fSAndroid Build Coastguard Workerbuffer sizes. 15*3ac0a46fSAndroid Build Coastguard Worker 16*3ac0a46fSAndroid Build Coastguard WorkerIt doesn’t appear that any of the changed uses of sprintf were actually 17*3ac0a46fSAndroid Build Coastguard Workerunsafe, so no behavior change is expected aside from SDK compatibility. 18*3ac0a46fSAndroid Build Coastguard Worker 19*3ac0a46fSAndroid Build Coastguard WorkerThe macOS 13 SDK deprecates sprintf as it’s difficult to use safely. The 20*3ac0a46fSAndroid Build Coastguard Workerdeprecation warning message is visible when building C++, but it is not 21*3ac0a46fSAndroid Build Coastguard Workernormally visible when building plain C code due to a quirk in how 22*3ac0a46fSAndroid Build Coastguard Workersprintf is declared in the SDK. However, the deprecation message is 23*3ac0a46fSAndroid Build Coastguard Workervisible when building plain C under Address Sanitizer 24*3ac0a46fSAndroid Build Coastguard Worker(-fsanitize=address). This discrepancy was discovered at 25*3ac0a46fSAndroid Build Coastguard Workerhttps://crbug.com/1381706 and reported to Apple with a copy at 26*3ac0a46fSAndroid Build Coastguard Workerhttps://openradar.appspot.com/FB11761475. 27*3ac0a46fSAndroid Build Coastguard Worker 28*3ac0a46fSAndroid Build Coastguard WorkerThe macOS 13 SDK is packaged in Xcode 14.1, released on 2022-11-01. This 29*3ac0a46fSAndroid Build Coastguard Workeralso affects the iOS 16 SDK and other 2022-era Apple OS SDKs packaged in 30*3ac0a46fSAndroid Build Coastguard WorkerXcode 14.0, released on 2022-09-12. 31*3ac0a46fSAndroid Build Coastguard Worker 32*3ac0a46fSAndroid Build Coastguard Workerj2k.c is visible to the Chromium build via PDFium, and this change is 33*3ac0a46fSAndroid Build Coastguard Workerneeded to allow Chromium to move forward to the macOS 13 SDK. 34*3ac0a46fSAndroid Build Coastguard Worker 35*3ac0a46fSAndroid Build Coastguard WorkerThis change is limited to src/lib/openjp2. Other uses of sprintf were 36*3ac0a46fSAndroid Build Coastguard Workerfound throughout openjpeg. 37*3ac0a46fSAndroid Build Coastguard Worker--- 38*3ac0a46fSAndroid Build Coastguard Worker src/lib/openjp2/j2k.c | 13 ++++++++----- 39*3ac0a46fSAndroid Build Coastguard Worker 1 file changed, 8 insertions(+), 5 deletions(-) 40*3ac0a46fSAndroid Build Coastguard Worker 41*3ac0a46fSAndroid Build Coastguard Workerdiff --git a/src/lib/openjp2/j2k.c b/src/lib/openjp2/j2k.c 42*3ac0a46fSAndroid Build Coastguard Workerindex 923bd8916..354415df7 100644 43*3ac0a46fSAndroid Build Coastguard Worker--- a/src/lib/openjp2/j2k.c 44*3ac0a46fSAndroid Build Coastguard Worker+++ b/src/lib/openjp2/j2k.c 45*3ac0a46fSAndroid Build Coastguard Worker@@ -7954,21 +7954,24 @@ OPJ_BOOL opj_j2k_setup_encoder(opj_j2k_t *p_j2k, 46*3ac0a46fSAndroid Build Coastguard Worker 47*3ac0a46fSAndroid Build Coastguard Worker /* UniPG>> */ 48*3ac0a46fSAndroid Build Coastguard Worker #ifdef USE_JPWL 49*3ac0a46fSAndroid Build Coastguard Worker- cp->comment = (char*)opj_malloc(clen + strlen(version) + 11); 50*3ac0a46fSAndroid Build Coastguard Worker+ const size_t cp_comment_buf_size = clen + strlen(version) + 11; 51*3ac0a46fSAndroid Build Coastguard Worker+ cp->comment = (char*)opj_malloc(cp_comment_buf_size); 52*3ac0a46fSAndroid Build Coastguard Worker if (!cp->comment) { 53*3ac0a46fSAndroid Build Coastguard Worker opj_event_msg(p_manager, EVT_ERROR, 54*3ac0a46fSAndroid Build Coastguard Worker "Not enough memory to allocate comment string\n"); 55*3ac0a46fSAndroid Build Coastguard Worker return OPJ_FALSE; 56*3ac0a46fSAndroid Build Coastguard Worker } 57*3ac0a46fSAndroid Build Coastguard Worker- sprintf(cp->comment, "%s%s with JPWL", comment, version); 58*3ac0a46fSAndroid Build Coastguard Worker+ snprintf(cp->comment, cp_comment_buf_size, "%s%s with JPWL", 59*3ac0a46fSAndroid Build Coastguard Worker+ comment, version); 60*3ac0a46fSAndroid Build Coastguard Worker #else 61*3ac0a46fSAndroid Build Coastguard Worker- cp->comment = (char*)opj_malloc(clen + strlen(version) + 1); 62*3ac0a46fSAndroid Build Coastguard Worker+ const size_t cp_comment_buf_size = clen + strlen(version) + 1; 63*3ac0a46fSAndroid Build Coastguard Worker+ cp->comment = (char*)opj_malloc(cp_comment_buf_size); 64*3ac0a46fSAndroid Build Coastguard Worker if (!cp->comment) { 65*3ac0a46fSAndroid Build Coastguard Worker opj_event_msg(p_manager, EVT_ERROR, 66*3ac0a46fSAndroid Build Coastguard Worker "Not enough memory to allocate comment string\n"); 67*3ac0a46fSAndroid Build Coastguard Worker return OPJ_FALSE; 68*3ac0a46fSAndroid Build Coastguard Worker } 69*3ac0a46fSAndroid Build Coastguard Worker- sprintf(cp->comment, "%s%s", comment, version); 70*3ac0a46fSAndroid Build Coastguard Worker+ snprintf(cp->comment, cp_comment_buf_size, "%s%s", comment, version); 71*3ac0a46fSAndroid Build Coastguard Worker #endif 72*3ac0a46fSAndroid Build Coastguard Worker /* <<UniPG */ 73*3ac0a46fSAndroid Build Coastguard Worker } 74*3ac0a46fSAndroid Build Coastguard Worker@@ -11973,7 +11976,7 @@ static OPJ_BOOL opj_j2k_move_data_from_codec_to_output_image(opj_j2k_t * p_j2k, 75*3ac0a46fSAndroid Build Coastguard Worker p_image->comps[compno].data = p_j2k->m_output_image->comps[compno].data; 76*3ac0a46fSAndroid Build Coastguard Worker #if 0 77*3ac0a46fSAndroid Build Coastguard Worker char fn[256]; 78*3ac0a46fSAndroid Build Coastguard Worker- sprintf(fn, "/tmp/%d.raw", compno); 79*3ac0a46fSAndroid Build Coastguard Worker+ snprintf(fn, sizeof fn, "/tmp/%d.raw", compno); 80*3ac0a46fSAndroid Build Coastguard Worker FILE *debug = fopen(fn, "wb"); 81*3ac0a46fSAndroid Build Coastguard Worker fwrite(p_image->comps[compno].data, sizeof(OPJ_INT32), 82*3ac0a46fSAndroid Build Coastguard Worker p_image->comps[compno].w * p_image->comps[compno].h, debug); 83